[OAUTH-WG] Re: WGLC for SD-JWT

Watson Ladd <watsonbladd@gmail.com> Wed, 04 September 2024 21:19 UTC

From: Watson Ladd <watsonbladd@gmail.com>
Date: Wed, 04 Sep 2024 14:19:25 -0700
Message-ID: <CACsn0cnwUVp3NwkmqYVjrCNbSvKhTwx04YvAoYb9ujUTQWAS4Q@mail.gmail.com>
To: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com>
CC: oauth <oauth@ietf.org>
Subject: [OAUTH-WG] Re: WGLC for SD-JWT
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/GC9YeODgXGwJDx0p3hxlj-BHggE>

The privacy considerations section does not have enough RFC 2119
language in the Unlinkability section. There is no workable guidance
on how to mitigate these risks. Presentation to users is not a
workable solution: please learn from how browsers have suffered a lot
at this. It's also very prolix. This is in contrast to 11.1 and 11.2.

Sincerely,
Watson

On Tue, Sep 3, 2024 at 3:40 AM Rifaat Shekh-Yusef
<rifaat.s.ietf@gmail.com> wrote:
>
> All,
>
> As per the discussion in Vancouver, this is a WG Last Call for the SD-JWT document.
> https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-11.html
>
> Please, review this document and reply on the mailing list if you have any comments or concerns, by Sep 17th.
>
> Regards,
>   Rifaat & Hannes



-- 
Astra mortemque praestare gradatim